I have below get request. But its giving 401 Unauthorized error.
var headers = new Headers();
headers.append('Content-Type': 'application/json;charset=UTF-8');
this.http.get(urgentPostURL + encodeURIComponent(this.urgentpost.comment))
.map((res:Response) => res.json())
.subscribe(data => {
this.result = data;
console.log('UrgentPost Result : ' + this.result.Success);
if (this.result.Success == true) {
console.log("SUCESSS");
} else {
console.log("FAILED");
}
},err => console.error(err),() => console.log('done'));
What I'm doing wrong here?
Edited
After updated to the following code I'm still getting 401:
var headers = new Headers();
headers.append('Content-Type': 'application/json;charset=UTF-8');
headers.append('Authorization', 'Basic ' + btoa("123" + ':' + "123"));
this.http.get(urgentPostURL + encodeURIComponent(this.urgentpost.comment), { headers: headers })
.map((res:Response) => res.json())
.subscribe(data => {
General:
Request Method:GET
Status Code:401 Unauthorized
Response headers:
Access-Control-Allow-Origin:*
Cache-Control:no-cache
Content-Length:0
Date:Tue, 23 Feb 2016 11:26:17 GMT
Expires:-1
Pragma:no-cache
Server:Microsoft-IIS/8.0
Set-Cookie:ARRAffinity=6e6dd0608a0902ef40a800ab07ee37397d7b6cfbd85cf3dea254a7115d365bc1;Path=/;Domain=sd.sddd.net
WWW-Authenticate:Basic
X-AspNet-Version:4.0.30319
X-Powered-By:ASP.NET
Request headers:
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Authorization:Basic MDAwMDAwMDoxMjM0NTY3OA==
Connection:keep-alive
Content-Type:application/json;charset=UTF-8
Host:sd.sddd.net
Origin:http://localhost:8100
Referer:http://localhost:8100/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36
I seems that the server requires authentication. You didn't define the Authorization header for your call.
Here is a sample for an HTTP basic authentication:
var headers = new Headers();
headers.append('Content-Type': 'application/json;charset=UTF-8');
headers.append('Authorizcation', 'Basic '+btoa(username + ':' + password));
this.http.get(urgentPostURL + encodeURIComponent(
this.urgentpost.comment,
{ headers: headers })
.map((res:Response) => res.json())
(...)
Don't forget to specify your headers for your request and to import the Headers class.
Related
I am working on the login system but have been stuck for a while, cookies are in the response header but not set in the application tab.
Edit: looks like cookie is being stored to path '/api'. But after setting path:'/' nothing changed.
/api/login.js
export default async (req, res) => {
if (req.method === "GET") res.send(200);
else if (req.method === "POST") {
// console.log(req.body);
const user = await loginHandler(req);
const matchPassword = await bcrypt.compare(
req.body.password,
user[0].Password
);
if (!matchPassword) {
res.send(400);
} else {
const token = jwt.sign(
{
Email: user[0].Email,
},
process.env.SECRET,
{ expiresIn: "12h" }
);
res.setHeader(
"Set-Cookie",
cookie.serialize(token, {
httpOnly: true,
maxAge: 12 * 3600 * 1000,
secure: process.env.NODE_ENV !== "development",
sameSite: "strict",
path:"/",
})
);
res.send(200);
}
}
};
login form
const headers = {
"Content-Type": "application/json",
};
const handleSubmitForm = async (enteredEmailAndPassword) => {
const user = {
...enteredEmailAndPassword,
};
await axios.post(
"/api/login",
user,
{
headers: headers,
},
{ withCredentials: true }
);
};
response header
Set-Cookie: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJFbWFpbCI6InZmdkBnbWFpbC5jb20iLCJpYXQiOjE2NTI1OTMzMzgsImV4cCI6MTY1MjYzNjUzOH0.Wsl25NglaidYnzpIrPxK6FS5nAXjUe1tK7DQQ-KVuUE=%5Bobject%20Object%5D
ETag: "3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Content-Type: application/json; charset=utf-8
Content-Length: 3
Vary: Accept-Encoding
Date: Sun, 15 May 2022 05:42:18 GMT
Connection: keep-alive
Keep-Alive: timeout=5
What should I do to set cookies in the application tab?
I am trying to send a name and email from a static website to a lambda function through a HTTPS gateway. Here's the JS code that handles the inputs.
function submitToAPI(e) {
e.preventDefault();
var URL = "https://fvxw67h6bl.execute-api.us-east-1.amazonaws.com/default/GetData";
let name = (document.getElementById("name") as HTMLInputElement).value;
let email = (document.getElementById("email") as HTMLInputElement).value;
if (name=="" || email=="")
{
alert("Please Fill All Required Field");
return false;
}
const emailRE = /^\w+([\.-]?\w+)*#\w+([\.-]?\w+)*(\.\w{2,3})+$/;
if(!emailRE.test(email)) {
alert("Email Address entered, is not valid");
return false;
}
var data = {
name : name,
email : email
};
var xmlhttp = new XMLHttpRequest();
xmlhttp.open("POST", URL);
xmlhttp.setRequestHeader("Content-Type", "application/json");
xmlhttp.send(JSON.stringify(data));
}
I was trying to access the data in the lambda function with:
name = event["name"]
email = event["email"]
But it kept returning errors.
So I tried printing the event object and this is what it returned.
{
'version': '2.0',
'routeKey': 'ANY /GetData',
'rawPath': '/default/GetData',
'rawQueryString': '',
'headers': {
'accept': '*/*',
'accept-encoding': 'gzip, deflate, br',
'accept-language': 'en-US,en;q=0.9',
'content-length': '0',
'host': 'fvxw67h6bl.execute-api.us-east-1.amazonaws.com',
'origin': 'http://localhost:3000',
'referer': 'http://localhost:3000/',
'sec-ch-ua': '"Chromium";v="92", " Not A;Brand";v="99", "Google Chrome";v="92"',
'sec-ch-ua-mobile': '?0',
'sec-fetch-dest': 'empty',
'sec-fetch-mode': 'cors',
'sec-fetch-site': 'cross-site',
'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36',
'x-amzn-trace-id': 'Root=1-611f1788-7c27d190689e2be22374fd1f',
'x-forwarded-for': '107.2.126.157',
'x-forwarded-port': '443',
'x-forwarded-proto': 'https'
},
'requestContext': {
'accountId': '551656018604',
'apiId': 'fvxw67h6bl',
'domainName': 'fvxw67h6bl.execute-api.us-east-1.amazonaws.com',
'domainPrefix': 'fvxw67h6bl',
'http': {
'method': 'POST',
'path': '/default/GetData',
'protocol': 'HTTP/1.1',
'sourceIp': '107.2.126.157',
'userAgent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36'
},
'requestId': 'EWCdaiwUIAMEVOA=',
'routeKey': 'ANY /GetData',
'stage': 'default',
'time': '20/Aug/2021:02:46:32 +0000',
'timeEpoch': 1629427592825
},
'isBase64Encoded': False
}
Basically it just returned the header.
How would I access the data I sent through the API?
I am having trouble properly setting up csrf tokens in the authlink header.
const authLink = setContext((_, { headers }) => {
const token = localStorage.getItem(AUTH_TOKEN)
return {
"headers": {
'X-CSRFToken' : getCookie('csrftoken'),
"Authorization": token ? `JWT ${token}` : '',
...headers,
},
};
});
The request being sent looks ok from the browser devtools, as you can see at the bottom the csrf token looks right? I cleared my browser data to make sure it wasn't old, but I'm not sure if that's effective anyways.
accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Authorization
Connection: keep-alive
Content-Length: 505
content-type: application/json
Host: localhost:8000
Origin: http://localhost:3000
Referer: http://localhost:3000/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.90 Safari/537.36 Edg/89.0.774.63
X-CSRFToken: LsV83sz3Rb5RRIlNcRN3AgnniodwsSMpvXwMGquPGRbvoPpISfKv6MBEf86rVzVp
The error I get through the site is
CSRF verification failed. Request aborted
my django server shows
Forbidden (CSRF cookie not set.)
Have you tried to install corsheaders? or are you sure you have this function
function getCookie(name) {
var cookieValue = null;
if (document.cookie && document.cookie !== '') {
var cookies = document.cookie.split(';');
for (var i = 0; i < cookies.length; i++) {
var cookie = cookies[i].trim();
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) === (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
}
I had same issue because x-csrftoken was not transmitted in the Request Headers
Here is the fix i have done
On my React code
import { ApolloClient, createHttpLink, InMemoryCache } from '#apollo/client';
import { setContext } from '#apollo/client/link/context';
import Cookie from "js-cookie";
const httpLink = createHttpLink({
uri: '/graphql/',
});
const authLink = setContext((_, { headers }) => {
return {
headers: {
...headers,
"x-csrftoken": Cookie.get("csrftoken")
}
}
});
const client = new ApolloClient({
link: authLink.concat(httpLink),
cache: new InMemoryCache()
});
I want to retrieve the user details for displaying the username of the user who is logged-in
I need to fetch the username from "http://127.0.0.1:8000/rest-auth/user/" from django-rest-auth
I am new to reactjs and tried the authentication which was successfully but couldn't get pass this.
I have tried this so far
axios.get(`http://127.0.0.1:8000/rest-auth/user/`,
{
headers: { 'Authorization': "token " + localStorage.getItem('token') }
}
).then(res => {
console.log(res)
}).catch(Error => {
console.log(Error)
})
which returns the forbidden 403 error;
Errors
Error: Request failed with status code 403
at createError (createError.js:16)
at settle (settle.js:17)
at XMLHttpRequest.handleLoad (xhr.js:61)
Also in the above code I also specified the headers in the following manner headers: { 'Authorization': "token key_from_DRF " } but no luck
I have also tried this
axios.get(`http://127.0.0.1:8000/rest-auth/user/`,
{
headers: { 'Content-Type': 'application/json' }
}
)
.then(res => {
console.log(res)
}).catch(Error => {
console.log(Error)
})
which returns the same error as before.
How should I execute this request successfully?
The axios POST method is correct, however make sure you passes the token
let tokentoserver = localStorage.getItem('token');
console.log(tokentoserver);
axios.get(`http://127.0.0.1:8000/rest-auth/user/`,
{
headers: { 'Authorization': "Token " tokentoserver }
}
).then(res => {
console.log(res)
}).catch(Error => {
console.log(Error)
})
I have removed the + sign you used to add token together
I have an Django backend. And trying to get http headers from it by using:
1) Angular 4.3 Http (it is going to be deprecated)
2) Plain XmlHttprequest.
3) Angular 4.3 HttpClient
1) and 2) have headers. But 3) does not.
Headers from 1):
var xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function() {
if (this.readyState == 4 && this.status == 200) {
console.log(this);
console.log(xhttp.getAllResponseHeaders());
}
};
xhttp.open("GET", "http://127.0.0.1:8000/csbg/survey/sometest/", true);
xhttp.send();
Headers from 2):
import { HttpModule} from '#angular/http';
this.http.get('http://127.0.0.1:8000/csbg/survey/sometest/')
.subscribe(
data=>{
console.log('GET OK')
console.log(data)
},
error=>{
console.log("GET ERROR: " + error);
}
)
Headers from (2)
Headers from 3):
import { HttpClient} from '#angular/common/http'
this.http.get('http://127.0.0.1:8000/csbg/survey/sometest/', { observe: 'response' })
.subscribe(
data=>{
console.log('GET OK')
console.log(data)
},
error=>{
console.log("GET ERROR: " + error);
}
)
There is no headers ! Why?
Also, Why default Access-Control-Expose-Headers headers is not present in there:
By default, only the 6 simple response headers are exposed:
Cache-Control
Content-Language
Content-Type
Expires
Last-Modified
Pragma
but my custom header is ?